Login | Register
My pages Projects Community openCollabNet

Discussions > issues > [Issue 17] New - fsvs binary contains writable and executable sections

fsvs
Discussion topic

Hide all messages in topic

All messages in topic

[Issue 17] fsvs binary contains writable and executable sections

Author pmarek
Full name P.Marek
Date 2012-10-29 23:38:13 PDT
Message http://fsvs.tigris.o​rg/issues/show_bug.c​gi?id=17



User pmarek changed the following:

                What |Old value |New value
====================​====================​====================​====================​
                  Status|STARTED |RESOLVED
--------------------​--------------------​--------------------​--------------------​
              Resolution| |FIXED
--------------------​--------------------​--------------------​--------------------​




------- Additional comments from pmarek at tigris dot org Mon Oct 29 23:38:13 -0700 2012 -------
r2465 in branches/fsvs-1.2.x passes all tests.


TBH, I don't like that at all ... the nested functions were better, even if
GCC's solution is semi-optimal.
(I would have hoped for a global variable that points to the stack frame, and
gets pushed/popped like I'm doing now manually. Would've needed no trampolines,
and so no executable stack.)

[Issue 17] fsvs binary contains writable and executable sections

Author pmarek
Full name P.Marek
Date 2012-10-29 09:52:11 PDT
Message http://fsvs.tigris.o​rg/issues/show_bug.c​gi?id=17






------- Additional comments from pmarek at tigris dot org Mon Oct 29 09:52:11 -0700 2012 -------
Would you please take a look a

    http://fsvs.tigris.o​rg/source/browse/fsv​s/branches/fsvs-1.2.​x/

and tell me whether that fixes your issue?

I know that it currently makes the "fsvs cp" tests go bad (as they're doing
recursive calls, and simply translating to global variables doesn't work here),
but if you're not using that feature you could test a bit.

[Issue 17] fsvs binary contains writable and executable sections

Author pmarek
Full name P.Marek
Date 2012-10-25 02:26:01 PDT
Message http://fsvs.tigris.o​rg/issues/show_bug.c​gi?id=17






------- Additional comments from pmarek at tigris dot org Thu Oct 25 02:26:01 -0700 2012 -------
Ah, ok, it's the executable stack that GCC needs for embedded functions
(trampoline code).
See eg. "void Increment()" in helper.c (but there are a few more).

I'll try to change that; patches are welcome ;)

[Issue 17] fsvs binary contains writable and executable sections

Author pinkbyte
Full name Sergey Popov
Date 2012-10-25 02:20:52 PDT
Message http://fsvs.tigris.o​rg/issues/show_bug.c​gi?id=17






------- Additional comments from pinkbyte at tigris dot org Thu Oct 25 02:20:51 -0700 2012 -------
The problem is that on Gentoo Hardened, fsvs binary can be unusable because PaX
restrictions.

objdump output here:

pinkbyte@oas1 ~ $ objdump -h /usr/bin/fsvs

fsvs: file format elf64-x86-64

Sections:
Idx Name Size VMA LMA File off Algn
  0 .interp 0000001c 0000000000400270 0000000000400270 00000270 2**0
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  1 .note.ABI-tag 00000020 000000000040028c 000000000040028c 0000028c 2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  2 .gnu.hash 00000088 00000000004002b0 00000000004002b0 000002b0 2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  3 .dynsym 000013e0 0000000000400338 0000000000400338 00000338 2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  4 .dynstr 000009ba 0000000000401718 0000000000401718 00001718 2**0
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  5 .gnu.version 000001a8 00000000004020d2 00000000004020d2 000020d2 2**1
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  6 .gnu.version_r 00000070 0000000000402280 0000000000402280 00002280 2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  7 .rela.dyn 000000a8 00000000004022f0 00000000004022f0 000022f0 2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  8 .rela.plt 00001278 0000000000402398 0000000000402398 00002398 2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  9 .init 00000018 0000000000403610 0000000000403610 00003610 2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 10 .plt 00000c60 0000000000403628 0000000000403628 00003628 2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 11 .text 00027a58 0000000000404290 0000000000404290 00004290 2**4
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 12 .fini 0000000e 000000000042bce8 000000000042bce8 0002bce8 2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 13 .rodata 00010f39 000000000042bd00 000000000042bd00 0002bd00 2**4
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 14 .eh_frame_hdr 00000d4c 000000000043cc3c 000000000043cc3c 0003cc3c 2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 15 .eh_frame 0000565c 000000000043d988 000000000043d988 0003d988 2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 16 .ctors 00000010 0000000000643da8 0000000000643da8 00043da8 2**3
                  CONTENTS, ALLOC, LOAD, DATA
 17 .dtors 00000010 0000000000643db8 0000000000643db8 00043db8 2**3
                  CONTENTS, ALLOC, LOAD, DATA
 18 .jcr 00000008 0000000000643dc8 0000000000643dc8 00043dc8 2**3
                  CONTENTS, ALLOC, LOAD, DATA
 19 .dynamic 00000210 0000000000643dd0 0000000000643dd0 00043dd0 2**3
                  CONTENTS, ALLOC, LOAD, DATA
 20 .got 00000008 0000000000643fe0 0000000000643fe0 00043fe0 2**3
                  CONTENTS, ALLOC, LOAD, DATA
 21 .got.plt 00000640 0000000000643fe8 0000000000643fe8 00043fe8 2**3
                  CONTENTS, ALLOC, LOAD, DATA
 22 .data 000017b0 0000000000644630 0000000000644630 00044630 2**4
                  CONTENTS, ALLOC, LOAD, DATA
 23 .bss 00002618 0000000000645de0 0000000000645de0 00045de0 2**5
                  ALLOC
 24 .gnu_debuglink 00000010 0000000000000000 0000000000000000 00045de0 2**0
                  CONTENTS, READONLY


Also i have sent you compiled binary. Hope that helps.

[Issue 17] fsvs binary contains writable and executable sections

Author pmarek
Full name P.Marek
Date 2012-10-22 03:38:58 PDT
Message http://fsvs.tigris.o​rg/issues/show_bug.c​gi?id=17



User pmarek changed the following:

                What |Old value |New value
====================​====================​====================​====================​
                  Status|NEW |STARTED
--------------------​--------------------​--------------------​--------------------​




------- Additional comments from pmarek at tigris dot org Mon Oct 22 03:38:57 -0700 2012 -------
Hmmm, what's the exact problem? Are there some compiler/linker options for that?
There are a few written-to "static char[]" buffers, but these should not be in
.text.

Can you give me a objdump section list, and/or send me the binary (in private mail)?

[Issue 17] New - fsvs binary contains writable and executable sections

Author pinkbyte
Full name Sergey Popov
Date 2012-10-22 03:16:55 PDT
Message http://fsvs.tigris.o​rg/issues/show_bug.c​gi?id=17
                 Issue #|17
                 Summary|fsvs binary contains writable and executable sections
               Component|fsvs
                 Version|current
                Platform|Linux
              OS/Version|All
                     URL|https://bugs.gentoo.​org/show_bug.cgi?id=​439204
                  Status|NEW
       Status whiteboard|
                Keywords|
              Resolution|
              Issue type|DEFECT
                Priority|P3
            Subcomponent|core
             Assigned to|pmarek
             Reported by|pinkbyte






------- Additional comments from pinkbyte at tigris dot org Mon Oct 22 03:16:54 -0700 2012 -------
When compiling fsvs in Gentoo Linux(using ebuild) i see such warning:

 * QA Notice: The following files contain writable and executable sections
 * Files with such sections will not work properly (or at all!) on some
 * architectures/operating systems. A bug should be filed at
 * http://bugs.gentoo.org/ to make sure the issue is fixed.
 * For more information, see http://hardened.gent​oo.org/gnu-stack.xml​
 * Please include the following list of files in your report:
 * Note: Bugs should be filed for the respective maintainers
 * of the package in question and not hardened@g.o.
 * RWX --- --- usr/bin/fsvs

It does not prevent fsvs to run on my PC, but can be a problem for other users,
so it would be nice to fix this.
Messages per page: